PwnFest

PwnFest is an event where – usually – security researchers, experts, and companies gather to break into software; in return, they win money for their efforts and research. The big businesses themselves sponsor the event – and they are the ones challenging these security experts to break into their software.

It’s a great way to keep yourself on edge – your software is, of course, going to have security bugs, why not have them exposed in a controlled environment and reward the people who figure them out? Prevention is better than cure – and that’s what events such as PwnFest are for.

The break-in

Just to be clear: the Edge session was running on the latest production release of Windows 10: Redstone 1, also known as the Anniversary Update.

Qihoo 360 – a Chinese security firm – was the first to break into Edge; the team at Qihoo 360 had to rework their exploit after Microsoft’s patch this Tuesday.

Microsoft is rewarding both of them with $120,000 for breaking into Edge, and a further bonus of $20,000 for gaining access to system-level code execution.

$140,000 for breaking into Microsoft’s software isn’t a bad deal. Microsoft plans on detailing the exploits at some point in the future – but first, they will be rolling out fixes so they cannot be exploited.